CVE-2020-7378 – CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password …

24 November 2020

Vuln ID: CVE-2020-7378

Published: 2020-11-24 17:15:11Z

Description: CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in version 5.0-20200904, released September 4, 2020.

Source: NVD.NIST.GOV

Date:

24 November 2020

Categorie(s):

NVD

Tag(s):

NVD

UK IT Leaders Are Prioritizing Cybersecurity: But Is This a Good Thing?24 April 2024
If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?24 April 2024
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners24 April 2024
“All for One and One for All”: The EU Cyber Solidarity Act Strengthens Digital Defenses24 April 2024
Rewards Up to $10 Million for Information on Iranian Hackers24 April 2024